eeb763f196cf3231842ee05d3d53ff1a_JaffaCakes118 | Triage

Sharing

General

Target

eeb763f196cf3231842ee05d3d53ff1a_JaffaCakes118
Size

418KB
MD5

eeb763f196cf3231842ee05d3d53ff1a
SHA1

a1f722f54b8673cf41d26a0cdae4c8307771940f
SHA256

faa2996d73ef2a287bea17105c168ee065abd08e5c523165cb38cf2d7fde708a
SHA512

b6c0570e00f03e59752ec269608ea3013b4c637436a2d87e62564ac8bf5437357a6b19ac2078606343844c25332d84e227e584d4523c1f14110589fe06b40ea5
SSDEEP

6144:tJSIj6cGL9zoV+GmSMCPteNsSrhnIvXui1S:toIjbGLFcfm/CPoN7iuis

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eeb763f196cf3231842ee05d3d53ff1a_JaffaCakes118

Files

eeb763f196cf3231842ee05d3d53ff1a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a7be1064459e605f06890e317a291746

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

hHerWJE2324Jkry.pdb

Imports

winmm

waveOutSetPlaybackRate

shlwapi

SHRegGetBoolUSValueW
PathRenameExtensionW

user32

ReuseDDElParam
IsMenu
PackDDElParam
ChangeClipboardChain
GetSubMenu
UnhookWindowsHookEx

crypt32

CertFreeCertificateChain

gdi32

GetClipBox
SetTextJustification

kernel32

SetFileBandwidthReservation
IsWow64Process
FlsGetValue
GetSystemRegistryQuota
DeactivateActCtx
SetSystemFileCacheSize
SetThreadExecutionState
HeapSize
TerminateThread
GetModuleHandleA
ReleaseActCtx

opengl32

glPolygonMode

setupapi

SetupSetDirectoryIdExW

oleaut32

GetErrorInfo

advapi32

SetServiceBits
SetSecurityDescriptorDacl
CryptGetKeyParam
CryptDuplicateHash

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 283KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ